blank registration form

0 dyst0pia Flagitious · July 21, 2014
Hello, I have a registration form that functions just fine but im working out a couple of bugs, a major bug is when you click register without filling out the form it will still register within my DB and they can then log in with out typing a u/p. i have tried if(!empty($uname)){echo "Thanks for registering!"; exit();}esle{echo "Please fill out the required fields."; exit();} but its not working maybe i am placing it the wrong area of the code. any help would be appreciated. below is the original code before i tried messing around with the empty fields:





<?php

require('/Library/WebServer/Documents/DYCO_Project/config.php');

if(isset($_POST['submit'])){

  //Perform verification
$email1 = $_POST ['email1'];
$email2 = $_POST ['email2'];
$pass1 = $_POST ['pass1'];
$pass2 = $_POST ['pass2'];


    if($email1 == $email2){
    if($pass1 == $pass2){
        //All good. Carry on.
        
$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);        
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($email1);
$email2 = mysql_escape_string($email2);
$pass1 = mysql_escape_string($pass1);
$pass2 = mysql_escape_string($pass2);

$pass1 = md5($pass1);
$sql = mysql_query("SELECT * FROM `users` WHERE `uname` = '$uname' ");
if(mysql_num_rows($sql) > 0){
   
   echo "Sorry, that user already exists.";
       exit();
}

mysql_query("INSERT INTO `users` (`id`, `name`, `lname`, `uname`, `email`, `pass`) VALUES (NULL, '$name', '$lname', '$uname', '$email1', '$pass1')");
        
    }else{
  echo "Your Passwords Do Not Match.<br />";
        exit();
}
    }else{
  echo "Your Emails Do Not Match.<br /><br />";
       exit();
}
 
}

else{

$form = <<<EOT
<!DOCTYPE html>
<html lang="en">
<head>
<title>The dyst0pian Corporation | Register</title>
<meta charset="utf-8">
<link rel="icon" type="image/ico" href="images/favicon.ico"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<link href='http://fonts.googleapis.com/css?family=Asul:400,700' rel='stylesheet' type='text/css'>
<link type="text/css" rel="stylesheet" href="dyco.css" />
<script src="sideviewmenu.js">
//***********************************************
* Page Sideview Menu- (c) Dynamic Drive DHTML code library (www.dynamicdrive.com)
* This notice MUST stay intact for legal use
* Visit Dynamic Drive at http://www.dynamicdrive.com/ for this script and 100s more
***********************************************//
</script>
<script>
jQuery(function(){ // on DOM Load
    sideviewmenu({ // call sideviewmenu() function
        menuid: 'sideviewmenu',
        onopenclose:function(state){ // state is either "open" or "closed"
            // custom code
        }
    })
})
</script>
</head>
<body>
<div id="transparent">
<a href="#" class="shake" onClick="sideviewmenu.toggle(); return false"><img id="logo" alt="logo" src="images/dyco1.1.png" /></a>
<br />
<br />
<br />
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /><br />
Last Name: <input type="text" name="lname" /><br />
Username: <input type="text" name="uname" /><br />
Email: <input type="text" name="email1" /><br />
Confirm Email: <input type="text" name="email2" /><br />
Password: <input type="password" name="pass1" /><br />
Confirm Password: <input type="password" name="pass2" /><br />
<input type="submit" value="Register" name="submit" />
</form>
</div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<hr />
<small>The dyst0pian Corporation © 2014 All Rights Reserved.</small>
</body>
</html>
EOT;

echo $form;

}


Post a Reply

Replies

Oldest  Newest  Rating
+2 Franz Schmidt · July 22, 2014
First of all please use code tags it looks  horrible without them :ermm:

And you are rigth you could use the empty() function you just have to check if none of your fields are empty:


if(empty($name) || empty($lname)|| empty($uname)|| empty($email1)|| empty($email2)|| empty($pass1)|| empty($pass2)){
echo "Not all fields filled!<br /><br />";
echo $form;
exit();
}
+1 Alan Johnson · July 22, 2014
Firstly, you can make use of the validation built into modern browsers by adding the required attribute to any input elements you want filling out.
For example:
<input type="text" name="username" placeholder="Enter your username" required/>



The user can easily remove the required attribute however, so you still want to do some server side validation too.
Here's a basic example:
<form action="" method="post">
<input type="text" name="username" placeholder="Enter your username" required/>
<input type="password" name="password" placeholder="Enter your password" required/>
<input type="password" name="confirmPassword" placeholder="Confirm your password" required/>
<input type="email" name="email" placeholder="Enter your email address" required/>
<button>Sign Up</button>
</form>

<?php 
if ($_SERVER['REQUEST_METHOD'] === 'POST') {

// Array of all the fields which need filling out
// Notice they correspond extactly to the names of the input elements above
$requiredFields = array('username', 'password', 'confirmPassword', 'email');

// Make sure each of the fields has been filled out
foreach ($requiredFields as $field) {
if (!isset($_POST[$field]) || empty($_POST[$field]))
exit('Error: please fill in all the required fields.');
}

// If the script reaches here all the fields have been filled out

}

+2 Steven the awesome · July 22, 2014
Dont blame me if I am wrong but I clean up the code a bit, so maybe will this work. :wassat:


<?php


require('/Library/WebServer/Documents/DYCO_Project/config.php');

if(isset($_POST['submit'])){

  //Perform verification
$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);        
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($_POST['email1']);
$email2 = mysql_escape_string($_POST['email2']);
$pass1  = mysql_escape_string($_POST['pass1']);
$pass2  = mysql_escape_string($_POST['pass2']);


//check to see if the fields are empty
if(empty($name) || empty($lname)|| empty($uname)|| empty($email1)|| empty($email2)|| empty($pass1)|| empty($pass2)){
  echo "Not all fields filled!<br /><br />";
  echo $form;
  exit();
}

//check if email or password are equal
if($email1 == $email2){
    if($pass1 == $pass2){

//md5 password
$pass1 = md5($pass1);

  
$sql = mysql_query("SELECT * FROM users WHERE uname='$uname'"); 
  if(mysql_num_rows($sql) > 0){ 
    echo "Sorry, that user already exists.";
    exit();
}

mysql_query("INSERT INTO users (id, name, lname, uname, email, pass) VALUES (NULL, '$name', '$lname', '$uname', '$email1', '$pass1')");
        
    }else{
      echo "Your Passwords Do Not Match.<br />";
      exit();
}
    }else{
      echo "Your Emails Do Not Match.<br /><br />";
      exit();
}
 
}

else{

$form = <<<EOT
<!DOCTYPE html>
<html lang="en">
  <head>
    <title>The dyst0pian Corporation | Register</title>
    <meta charset="utf-8">
    <link rel="icon" type="image/ico" href="images/favicon.ico"/>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
    <link href='http://fonts.googleapis.com/css?family=Asul:400,700' rel='stylesheet' type='text/css'>
    <link type="text/css" rel="stylesheet" href="dyco.css" />
    <script src="sideviewmenu.js">
    //***********************************************
    * Page Sideview Menu- (c) Dynamic Drive DHTML code library (www.dynamicdrive.com)
    * This notice MUST stay intact for legal use
    * Visit Dynamic Drive at http://www.dynamicdrive.com/ for this script and 100s more
    ***********************************************//
    </script>
    <script>
    jQuery(function(){ // on DOM Load
        sideviewmenu({ // call sideviewmenu() function
            menuid: 'sideviewmenu',
            onopenclose:function(state){ // state is either "open" or "closed"
                // custom code
            }
        })
    })
    </script>
  </head>
      <body>
        <div id="transparent">
        <a href="#" class="shake" onClick="sideviewmenu.toggle(); return false"><img id="logo" alt="logo" src="images/dyco1.1.png" /></a>
        <br />
        <br />
        <br />
          <form action="register.php" method="POST">
            First Name: <input type="text" name="name" /><br />
            Last Name: <input type="text" name="lname" /><br />
            Username: <input type="text" name="uname" /><br />
            Email: <input type="text" name="email1" /><br />
            Confirm Email: <input type="text" name="email2" /><br />
            Password: <input type="password" name="pass1" /><br />
            Confirm Password: <input type="password" name="pass2" /><br />
            <input type="submit" value="Register" name="submit" />
          </form>
        </div>
        <br />
        <br />
        <br />
        <br />
        <br />
        <br />
        <br />
        <hr />
        <small>The dyst0pian Corporation © 2014 All Rights Reserved.</small>
      </body>
</html>
EOT;

echo $form;

}
+1 dyst0pia Flagitious · July 22, 2014
Thank you guys for the suggestions and the help! With your input I was able to figure it out. :)
+1 Steven the awesome · July 22, 2014
@dyst0pia Flagitious  your welcome!
+2 William Frost · July 22, 2014
Don't use mysql_something, use mysqli https://buckysroom.org/videos.php?cat=87&video=19821 :)
0 chris martin · July 26, 2014
I had the same problem a few days ago. I used Sir. Frost's solution and it worked great for me, on my site - www.prime-ticket.com . just wondering did it work for you as well man ?
  • 1

PHP

107,055 followers
About

Server-side, HTML embedded scripting language used to create dynamic Web pages.

Links
Moderators